Operational Defect Database
BugZero found this defect 205 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA16S000000byn8SAA
WatchGuard Endpoint Security detects Trj/RansomDecoy.A after selecting "Do not detect again"
Last update date:
10/27/2023
Affected products:
WatchGuard Endpoint Security
Affected releases:
All
WatchGuard Endpoint Security
Fixed releases:
All
Description:
Issue
WatchGuard Endpoint Security detects Trj/RansomDecoy.A after the administrator selected Do not detect again action from the details of a specific malware detection.This issue affects these versions: v8.00.21.Xv8.00.22.0010 to v8.00.22.0022 (inclusive)
Workaround/Solution
Apply the available hotfix on the affected endpoint. Download and save the hotfix file to the endpoint: hf-wgua2030-ransomdecoydetection.exeDouble-click the downloaded file.The hotfix installation does not require that you restart the computer. In certain circumstances, you might be prompted to restart the computer for the hotfix to be fully applied. If you cannot restart the computer immediately, select No when prompted. This postpones the application of the hotfix until the next system restart. Note: To download an unattended or silent version of the hotfix, click here. The hotfix is applied after the next system restart. File Details The hotfix updates this file: File nameLocationFile VersionModified DateHotfix to be included in future versions?WPDecoy.dllC:\Program Files (x86)\Panda Security\WAC2.1.0.11October 18th, 2023Later than v8.00.22.0022 Verify the Hotfix To confirm that the hotfix has resolved the issue, verify the file version in the File Details section, or verify the values of these Registry keys: 32-BIT ARCHITECTURE64-BIT ARCHITECTURERegistry KeyValueRegistry KeyValueHKEY_LOCAL_MACHINE\SOFTWARE\Panda Software\Setup\Hotfix history\HF_WPDecoyRevision [REG_DWORD] 6HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Panda Software\Setup\Hotfix history\HF_WPDecoyRevision [REG_DWORD] 6HKEY_LOCAL_MACHINE\SOFTWARE\Panda Software\Setup\Hotfix history\HF_WPDecoyResult [REG_DWORD] 0 = Success 1 = Not Applied 2 = Error 9 = Pending RebootHKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Panda Software\Setup\Hotfix history\HF_WPDecoyResult [REG_DWORD] 0 = Success 1 = Not Applied 2 = Error 9 = Pending Reboot
